RSIT analysis:
Logfile of random’s system information tool 1.06 (written by random/random)
Run by cyril at 2009-12-29 19:01:56
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 163 GB (84%) free of 194 GB
Total RAM: 2047 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:58, on 29/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Program Files\ASUS\Ai Suite\Q-Button\QButton.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\cyril\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\cyril.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O4 - HKLM…\Run: [Six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r
O4 - HKLM…\Run: [ASUS Update Checker] C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
O4 - HKLM…\Run: [8169Diag] C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe /hw
O4 - HKLM…\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM…\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\Q-Button\QButton.exe"
O4 - HKLM…\Run: [QFan Help] "C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe"
O4 - HKLM…\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
O4 - HKLM…\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM…\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM…\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - platformdl.adobe.com…
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 7478 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{3B63F1FD-1B05-4F02-90A1-F8A52FDEFF48}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL [2009-08-26 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2009-12-16 1109504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll [2009-08-26 378736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"=C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [2009-02-23 5637632]
"ASUS Update Checker"=C:\Program Files\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2008-12-11 114688]
"8169Diag"=C:\Program Files\Realtek\Diagnostics Utility\8169Diag.exe [2008-05-12 139264]
"Ulead AutoDetector v2"=C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe [2006-11-29 90112]
"Ai Nap"=C:\Program Files\ASUS\Ai Suite\Q-Button\QButton.exe [2009-02-09 1961984]
"QFan Help"=C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SSBkgdUpdate"=C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-02-04 18085888]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-20 57344]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-12-16 975360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
======List of files/folders created in the last 1 months======
2009-12-23 23:15:53 ----D---- C:\Documents and Settings\cyril\Application Data\Search Settings
2009-12-23 23:15:45 ----D---- C:\Documents and Settings\cyril\Application Data\FreeCDRipper
2009-12-23 23:15:44 ----D---- C:\Program Files\Search Settings
2009-12-23 23:15:32 ----D---- C:\Program Files\Application Updater
2009-12-23 23:15:14 ----D---- C:\Documents and Settings\cyril\Application Data\FreeAudioPack
2009-12-20 22:12:48 ----D---- C:\Program Files\GPU-Z
2009-12-19 21:48:39 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-12-19 21:44:13 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2009-12-19 21:44:13 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-12-19 21:28:34 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-19 14:28:34 ----RD---- C:\Documents and Settings\cyril\Application Data\Brother
2009-12-18 14:58:06 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-12-18 14:58:06 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-12-18 14:58:06 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-12-18 14:58:06 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-12-18 14:58:04 ----A---- C:\WINDOWS\avisplitter.ini
2009-12-18 14:58:03 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2009-12-18 14:58:03 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-18 14:58:03 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-18 14:58:02 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2009-12-18 14:58:02 ----A---- C:\WINDOWS\system32\dpl100.dll
2009-12-18 14:58:02 ----A---- C:\WINDOWS\system32\divx.dll
2009-12-18 14:58:01 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2009-12-18 14:58:00 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2009-12-18 14:57:59 ----D---- C:\Program Files\K-Lite Codec Pack
2009-12-18 14:50:53 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-12-18 14:45:07 ----D---- C:\Documents and Settings\cyril\Application Data\InstallShield
2009-12-18 13:13:47 ----A---- C:\WINDOWS\system32\WMAFile.dll
2009-12-18 13:13:47 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2009-12-18 13:13:47 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2009-12-18 13:13:47 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2009-12-18 13:13:47 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\inetfr.DLL
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\AudFile.dll
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2009-12-18 13:13:46 ----A---- C:\WINDOWS\system32\AudDesign.dll
2009-12-18 12:50:03 ----D---- C:\Documents and Settings\cyril\Application Data\Recordpad
2009-12-18 12:49:42 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Software
2009-12-18 12:48:11 ----D---- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound
2009-12-18 12:47:48 ----D---- C:\Documents and Settings\cyril\Application Data\NCH Swift Sound
2009-12-10 19:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-10 19:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-10 19:30:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 19:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-10 19:29:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-02 15:29:28 ----D---- C:\Program Files\Lavalys
======List of files/folders modified in the last 1 months======
2009-12-29 19:01:56 ----D---- C:\rsit
2009-12-29 18:52:08 ----D---- C:\WINDOWS\Prefetch
2009-12-29 18:52:06 ----D---- C:\Program Files\Trend Micro
2009-12-29 18:50:53 ----D---- C:\WINDOWS
2009-12-29 18:45:13 ----D---- C:\WINDOWS\system32
2009-12-29 18:45:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-29 18:44:26 ----D---- C:\Program Files\Mozilla Firefox
2009-12-29 18:41:37 ----D---- C:\WINDOWS\Temp
2009-12-29 18:41:09 ----A---- C:\ntservicelogOutlook.txt
2009-12-29 14:12:16 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-28 22:17:14 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-12-27 19:31:13 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-25 16:22:22 ----D---- C:\WINDOWS\system32\config
2009-12-23 23:27:06 ----SHD---- C:\WINDOWS\Installer
2009-12-23 23:27:04 ----D---- C:\WINDOWS\WinSxS
2009-12-23 23:26:56 ----RD---- C:\Program Files
2009-12-20 22:10:31 ----D---- C:\WINDOWS\system32\drivers
2009-12-19 21:49:11 ----D---- C:\Program Files\ATI
2009-12-19 21:46:59 ----RSD---- C:\WINDOWS\assembly
2009-12-19 21:46:32 ----D---- C:\Program Files\ATI Technologies
2009-12-19 21:44:41 ----HD---- C:\WINDOWS\inf
2009-12-19 21:44:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-19 21:44:13 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-19 21:36:17 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-19 21:36:17 ----D---- C:\Program Files\Realtek
2009-12-19 21:29:00 ----D---- C:\Program Files\ma-config.com
2009-12-19 21:29:00 ----D---- C:\Documents and Settings\All Users\Application Data\ma-config.com
2009-12-19 14:29:20 ----A---- C:\WINDOWS\BRWMARK.INI
2009-12-18 14:51:33 ----D---- C:\WINDOWS\system32\RTCOM
2009-12-18 14:51:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-18 14:50:10 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-12-10 20:44:32 ----D---- C:\WINDOWS\Debug
2009-12-10 19:30:51 ----D---- C:\Program Files\Internet Explorer
2009-12-10 19:30:35 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-05 00:48:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-02 15:06:45 ----D---- C:\Program Files\ASUS
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;Pilote de processeur AMD HwPState; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys [2009-08-26 259632]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\ccHPx86.sys [2009-10-11 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20091217.002\IDSxpx86.sys []
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1007020.00B\SRTSPX.SYS [2009-08-26 43696]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS [2009-08-26 217136]
R1 WmiAcpi;Interface de gestion Microsoft Windows pour ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 LANPkt;Realtek LANPkt Protocol Driver; C:\WINDOWS\system32\DRIVERS\LANPkt.sys [2007-11-20 8960]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 Diag69xp;Diag69xp; C:\WINDOWS\System32\Drivers\Diag69xp.sys [2007-12-03 11264]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-04 5030912]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12288]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-16 5810]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091228.041\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091228.041\NAVEX15.SYS []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SRTSP.SYS [2009-08-26 308272]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [2009-08-26 89904]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMIDS.SYS [2009-08-26 33072]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-26 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NIS\1007020.00B\SYMNDIS.SYS [2009-08-26 36400]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d’hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-06 1684736]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-05 1389056]
S3 NCHSSVAD;SoundTap Recorder (32 Bit); C:\WINDOWS\system32\drivers\nchssvad.sys [2009-12-18 33848]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMIV.sys [2008-04-30 143328]
S3 RTLVLAN;Realtek VLAN Intermediate Driver; C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS [2007-11-20 16640]
S3 SaiH040C;SaiH040C; C:\WINDOWS\system32\DRIVERS\SaiH040C.sys [2005-11-03 176640]
S3 SaiU040C;SaiU040C; C:\WINDOWS\system32\DRIVERS\SaiU040C.sys [2005-11-03 27264]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-26 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usb_rndisx;Carte ISDN USB; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Classe d’imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.00\AsSysCtrlService.exe [2008-08-16 86016]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 brmfrmps;Brother Popup Suspend service for Resource manager; C:\WINDOWS\system32\Brmfrmps.exe [2003-05-05 65536]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 DvmMDES;DeviceVM Meta Data Export Service; C:\ASUS.SYS\config\DVMExportService.exe [2008-12-01 323584]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [2009-08-26 117640]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-29 66872]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc); C:\WINDOWS\system32\pr2ah4nc.exe [2007-05-18 407152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-12-17 243056]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
info.txt logfile of random’s system information tool 1.06 2009-12-29 19:01:59
======Uninstall list======
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
AI Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x40c
AIDA32 v3.93-->"C:\Program Files\AIDA32 - Personal System Information\unins000.exe"
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x040c -removeonly
ASUSUpdate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\setup.exe" -l0x40c
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40A6C96D-808E-41DD-8716-617AB6B0F1F1}\Setup.exe" -l0x40c Brunin03.dllBrunin03.dll
Call of Duty® 4 - Modern Warfare™-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
Catalyst Control Center - Branding-->MsiExec.exe /I{8D7133DE-27D2-47E5-B248-4180278D32AA}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe"
Cool & Quiet-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}\setup.exe" -l0x40c
Corel MediaOne-->MsiExec.exe /I{A062A15F-9CAC-4B88-98DF-87628A0BD721}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Diagnostics Utility-->C:\Program Files\InstallShield Installation Information\{88253B77-33C9-4A9D-9E4C-4579E39D9158}\setup.exe -runfromtemp -l0x040c -removeonly
DiRT-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}\setup.exe" -l0x40c -removeonly
EPU-4 Engine-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}\setup.exe" -l0x40c
EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
Express Gate-->MsiExec.exe /X{99AD9D6D-A456-49EE-8360-F22EE7AA1272}
FileHippo.com Update Checker-->"C:\Program Files\FileHippo.com\uninstall.exe"
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
K-Lite Mega Codec Pack 5.5.1-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LevelR-->MsiExec.exe /I{A91FD297-006B-48D9-884A-E40E0A04B2F5}
Ma-Config.com-->MsiExec.exe /X{18754BA4-4F0C-4E6E-888B-9496AFA05F43}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2–>MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2–>MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1–>C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1–>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync–>MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Compression Client Pack 1.0 for Windows XP–>“C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe”
Microsoft User-Mode Driver Framework Feature Pack 1.0–>“C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)–>“C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media (KB954155)–>“C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media (KB968816)–>“C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media (KB973540)–>“C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)–>“C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB971961)–>“C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)–>“C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB974455)–>“C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB976325)–>“C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB923561)–>“C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB938464-v2)–>“C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB941569)–>“C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB946648)–>“C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950762)–>“C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB950974)–>“C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951066)–>“C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951376-v2)–>“C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB951748)–>“C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952004)–>“C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB952954)–>“C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954459)–>“C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB954600)–>“C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB955069)–>“C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956572)–>“C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956744)–>“C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956802)–>“C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956803)–>“C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB956844)–>“C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB957097)–>“C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958644)–>“C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958687)–>“C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB958869)–>“C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB959426)–>“C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960225)–>“C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960803)–>“C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB960859)–>“C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961371-v2)–>“C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB961501)–>“C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB968537)–>“C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB969059)–>“C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB969947)–>“C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB970238)–>“C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB970430)–>“C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971486)–>“C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971557)–>“C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971633)–>“C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB971657)–>“C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973346)–>“C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973354)–>“C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973507)–>“C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973525)–>“C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973869)–>“C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB973904)–>“C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB974112)–>“C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB974318)–>“C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB974392)–>“C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB974571)–>“C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB975025)–>“C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe”
Mise à jour de sécurité pour Windows XP (KB975467)–>“C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe”
Mise à jour pour Windows Internet Explorer 8 (KB973874)–>“C:\WINDOWS\ie8updates\KB973874-IE8\spuninst\spuninst.exe”
Mise à jour pour Windows Internet Explorer 8 (KB976749)–>“C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB951978)–>“C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB967715)–>“C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB968389)–>“C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB971737)–>“C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB973687)–>“C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe”
Mise à jour pour Windows XP (KB973815)–>“C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe”
Mozilla Firefox (3.5.6)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)–>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Norton Internet Security–>C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.2.11\InstStub.exe /X
PaperPort–>MsiExec.exe /I{A17EABB6-D0C6-44E5-820C-72DC7F495064}
PC Probe II–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}\setup.exe” -l0x40c
RAIDXpert–>“C:\Program Files\InstallShield Installation Information\{8B76B8E9-F773-4B75-A08C-120079EB765E}\setup.exe” -runfromtemp -l0x040c -removeonly
REALTEK GbE & FE Ethernet PCI-E NIC Driver–>C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe” -l0x40c -removeonly
Revo Uninstaller 1.85–>C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Search Settings v1.2.3–>MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
SFR - Kit de connexion–>C:\Program Files\SFR\Kit\uninstall.exe
SimCity 4–>C:\Program Files\Maxis\SimCity 4\EAUninstall.exe
SIW version 2009.10.22–>“C:\Program Files\SIW\unins000.exe”
Spelling Dictionaries Support For Adobe Reader 9–>MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Ulead Burn.Now 4.5 SE–>C:\Program Files\InstallShield Installation Information\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}\setup.exe -runfromtemp -l0x040c
Ulead PhotoImpact 12–>RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe” -l0x40c
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)–>C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Windows Internet Explorer 8–>“C:\WINDOWS\ie8\spuninst\spuninst.exe”
Windows Media Format 11 runtime–>“C:\Program Files\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Media Player 11–>“C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe”
Windows XP Service Pack 3–>“C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe”
======Security center information======
AV: Norton Internet Security
FW: Norton Internet Security
======System event log======
Computer Name: CYRILLE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.
Record Number: 16857
Source Name: Service Control Manager
Time Written: 20091219214854.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: CYRILLE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Symantec Real Time Storage Protection.
Record Number: 16856
Source Name: Service Control Manager
Time Written: 20091219214852.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
Computer Name: CYRILLE
Event Code: 2003
Message: Symantec Antivirus minifilter successfully loaded.
Record Number: 16855
Source Name: SRTSP
Time Written: 20091219214852.000000+060
Event Type: Informations
User:
Computer Name: CYRILLE
Event Code: 7036
Message: Le service Service de la passerelle de la couche Application est entré dans l’état : en cours d’exécution.
Record Number: 16854
Source Name: Service Control Manager
Time Written: 20091219214829.000000+060
Event Type: Informations
User:
Computer Name: CYRILLE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.
Record Number: 16853
Source Name: Service Control Manager
Time Written: 20091219214829.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM
=====Application event log=====
Computer Name: CYRILLE
Event Code: 4099
Message: Échec de l’ouverture de services.
Record Number: 1350
Source Name: WmiAdapter
Time Written: 20091109232352.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs
Computer Name: CYRILLE
Event Code: 4099
Message: Échec de l’ouverture de services.
Record Number: 1349
Source Name: WmiAdapter
Time Written: 20091109232352.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs
Computer Name: CYRILLE
Event Code: 4099
Message: Échec de l’ouverture de services.
Record Number: 1348
Source Name: WmiAdapter
Time Written: 20091109232351.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs
Computer Name: CYRILLE
Event Code: 4099
Message: Échec de l’ouverture de services.
Record Number: 1347
Source Name: WmiAdapter
Time Written: 20091109232351.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs
Computer Name: CYRILLE
Event Code: 4099
Message: Échec de l’ouverture de services.
Record Number: 1346
Source Name: WmiAdapter
Time Written: 20091109232350.000000+060
Event Type: erreur
User: BUILTIN\Administrateurs
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Fichiers communs\Ulead Systems\MPEG
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=16
“PROCESSOR_IDENTIFIER”=x86 Family 16 Model 6 Stepping 2, AuthenticAMD
“PROCESSOR_REVISION”=0602
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
-----------------EOF-----------------